D-Link DES-3200-10 Switch User Manual


 
xStack
®
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual
RSA with
RC4_128_MD5
This ciphersuite combines the RSA key exchange, stream cipher RC4 encryption with 128-
bit keys and the MD5 Hash Algorithm. Use the pull-down menu to enable or disable this
ciphersuite. This field is enabled by default.
RSA with 3DES EDE
CBC SHA
This ciphersuite combines the RSA key exchange, CBC Block Cipher 3DES_EDE
encryption and the SHA Hash Algorithm. Use the pull-down menu to enable or disable this
ciphersuite. This field is enabled by default.
DHE DSS with 3DES
EDE CBC SHA
This ciphersuite combines the DSA Diffie Hellman key exchange, CBC Block Cipher
3DES_EDE encryption and SHA Hash Algorithm. Use the pull-down menu to enable or
disable this ciphersuite. This field is enabled by default.
RSA EXPORT with
RC4 40 MD5
This ciphersuite combines the RSA Export key exchange and stream cipher RC4 encryption
with 40-bit keys. Use the pull-down menu to enable or disable this ciphersuite. This field is
enabled by default.
SSL Certificate Download
Server IP Address
Enter the IP address of the TFTP server where the certificate files are located.
Certificate File Name
Enter the path and the filename of the certificate file to download. This file must have a .der
extension. (Ex. c:/cert.der)
Key File Name
Enter the path and the filename of the key file to download. This file must have a .der
extension (Ex. c:/pkey.der)
NOTE: Enabling the SSL command will disable the web-based switch management.
To log on to the Switch again, the header of the URL must begin with https://.
Entering anything else into the address field of the web browser will result in an error
and no authentication will be granted.
SSH
SSH is an abbreviation of Secure Shell, which is a program allowing secure remote login and secure network services
over an insecure network. It allows a secure login to remote host computers, a safe method of executing commands
on a remote end node, and will provide secure encrypted and authenticated communication between two non-trusted
hosts. SSH, with its array of unmatched security features is an essential tool in today’s networking environment. It is a
powerful guardian against numerous existing security hazards that now threaten network communications.
The steps required to use the SSH protocol for secure communication between a remote PC (the SSH client) and the
Switch (the SSH server) are as follows:
1. Create a user account with admin-level access using the User Accounts window in the Configuration folder.
This is identical to creating any other admin-level User Account on the Switch, including specifying a
password. This password is used to logon to the Switch, once a secure communication path has been
established using the SSH protocol.
2. Configure the User Account to use a specified authorization method to identify users that are allowed to
establish SSH connections with the Switch using the SSH User Authentication window. There are three
choices as to the method SSH will use to authorize the user, which are Host Based, Password and Public Key.
3. Configure the encryption algorithm that SSH will use to encrypt and decrypt messages sent between the SSH
client and the SSH server, using the SSH Authmode and Algorithm Settings window.
4. Finally, enable SSH on the Switch using the SSH Settings window.
After completing the preceding steps, a SSH Client on a remote PC can be configured to manage the Switch using a
secure, in band connection.
135